Advice practices overconfident on cyber security

A survey by Midwinter’s cyber security subsidiary Kamino has found that financial advice practices are overconfident in their ability to manage digital threats.

Data from the survey indicated that only 32 per cent of respondents were aware of the introduction of mandatory data breach reporting requirements that came into effect in February 2018, necessitating businesses report any eligible data breach to affected clients.

Additionally, 45 per cent of respondents have previously suffered a ‘cyber security incident’, which Kamino and Midwinter director Julian Plummer said was “highly concerning” given the lack of awareness around data breach requirements.

“These laws will have a huge impact on the businesses affected. This lack of awareness of the laws most likely translates to an overall lack of preparedness for the changes now in effect, which is worrying considering the ramifications of a cyber breach incident on a financial planning,” he said.

Mr Plummer said “most respondents appeared to have a very good understanding of what is at stake”, but that few have made adequate preparations to protect from a cyber attack.

“Customer information is of the utmost importance, and the survey revealed that business owners realise that their brand must be protected from being tarnished by cyber incidents, which could lead to direct revenue loss,” he said.

“However, this has not been reflected in the preparations and processes which should be set in place to protect advisers, accountants and superfunds from potential cyber attacks.”

Mr Plummer added that human error is one of the biggest weaknesses in a business’ cyber security, but only 28 per cent of respondents were confident in their staff’s cyber security hygiene.

Last week, ifa reported that a global cyber crime group known as Hidden Cobra had been targeting financial services and cryptocurrency businesses in a spate of recent attacks.